Privacy is important. Most of us store files on our home and business computers that we wouldn't want others to have unrestricted access to. Addresses, phone numbers, bank details, pictures and video - any of these things could cause problems in the wrong hands.
And with portable devices being so, well, portable, and hackers and malware assaulting users from the internet, the wrong hands could quite easily gain access. But there is a proven defence against all these threats - encryption.
The British government lost 29 million personal records over 12 months. The Daily Mail lost a laptop containing thousands of staff records in July this year. A manager was recently fired from Colchester University Hospital after a PC containing unprotected patient records was swiped from his car.
2007 and 2008 have been defined by data loss, and the media have been overflowing with stories about large organisations and the government making basic privacy mistakes and failing to encrypt valuable files. But smaller businesses and home users often make similar errors themselves - they may not make the headlines, but these incidents can be just as damaging.
The strength of laptops, USB sticks, CDs et al is also their greatest weakness - they're easy to lose and they're easy to steal. I am consistently surprised that even with all these high profile data losses making the front page of the papers, people still maintain a very blasé attitude to privacy and believe that password protection is sufficient to protect their valuable data. It isn't - password protection is notoriously easy to break.
The most effective way to protect important information is to encrypt it. Encryption transforms files so that they are unreadable to all but the owner of the decryption key. Many modern encryption solutions use the Advanced Encryption Standard (AES), a secure and highly regarded encryption algorithm.
In fact, the US government considers this type of encryption to be suitable for TOP SECRET classified files - the highest level of secrecy there is. These solutions are inexpensive and widely available whether it's a global enterprise, small business or home user. It's good practice, both personally and professionally, to encrypt all valuable information on a portable device. That way, if a user's critical information is stolen, the thief will be unable to make any use of it whatsoever.
Of course it's not only hardware loss that threatens users' data. The internet is rife with threats that can allow outside eyes to access a hapless victim's sensitive files. Malware is one such threat - with some threats allowing thieves access to the files stored on the victim’s computer. If a user downloads the wrong file, or visits a contaminated website, they may find their computer infested with this malicious software.
Even worse, they may not even know. Internet security software generally does an excellent job of protecting users against the majority of these threats, but with new threats emerging daily, its best to err on the side of caution and encrypt the files that are particularly sensitive. That way, if malicious code does manage to bypass internet security, the information has an extra layer of defence and privacy can be ensured.
If sensitive information is no longer required, the best way to protect it is to delete it. However, when files are deleted from a hard drive they leave traces that can be reconstructed by thieves and hackers. By encrypting the files before deletion, the remnants that remain on the drive will remain encrypted and remain inaccessible should they be reconstructed. In this way, encryption protects your privacy, even when the files are gone.
Another way to ensure that the deleted files are safe is to use a file shredder. File shredders work by overwriting the deleted information with another piece of data. The software also removes any links to other sensitive files that may remain in the data, so as to fully ensure privacy.
This method is often used by military organisations to protect their deleted data. The United States Department of Defence, for example, overwrites sensitive files a minimum of three times in order to ensure no access to deleted files is possible.
Good encryption gives users both a first and last line of defence, protecting them against threats to their privacy. Isn't it time more people started doing that?
